Compliance

  • ISO 27001
  • ISO 27018
  • SOC-1 & SOC-2 Type II Reports
  • TÜV Rheinland Certified Cloud Service
  • PCI DSS
  • HIPAA Compliant
  • FINRA/SEC 17a-4
  • G-Cloud Framework
  • FedRAMP
  • IRS 1075
  • Binding Corporate Rules
  • C5
  • TCDP

Customer is solely responsible for ensuring it is in compliance with any applicable laws and regulations. Box does not provide legal advice or any representations that Box will ensure Customer is in compliance with applicable laws or regulations. Customer acknowledges that purchasing any services or products from Box does not ensure or provide an attestation that Customer is in compliance with specific compliance, legal, or regulatory requirements.

Box Inc's 2020 statement on the UK Modern Slavery Act of 2015

If you have additional questions around Box’s compliance efforts, please contact us at sales@box.com for further information.